dettanym
|
94b5df506b
Refactored some decryptors client data decryption code and added in encryption with Apache. Does not work with client side extension.
|
5 gadi atpakaļ |
dettanym
|
a27c0b3ca8
Got decryption of client data working. Yet to encrypt client-data back to the Apache. Refactored decryptor client data decryption functions in trusted and untrusted code. Added in a new base64 decoding function (CommonOpensslCode was intended to contain base64 function and it was supposed to be linkable by both trusted, untrusted code, but couldnot get the app to link against the same version of openssl as intel-sgx-ssl.
|
5 gadi atpakaļ |
dettanym
|
02c5dc0152
Encrypts hardcoded strings in aesgcm (for clientside extension)
|
5 gadi atpakaļ |
dettanym
|
61c3e45943
Compiled and linked against working copy of ECDHE key generation (Mitigator header) + shared secret + derived key code. Can port ECDSA signing code to openssl for clarity.
|
5 gadi atpakaļ |
dettanym
|
c508171e76
Got decryptor working with intel-sgx-ssl libraries without any linker errors. Added in sample ECDHE key and shared secret generation code, key derivation code that worked outside sgx
|
5 gadi atpakaļ |
dettanym
|
a20b36689c
Not working commit of compiling ECDHE key generation code. Correct code is in openssl_ecdhe folder. Linking error of thread functions not defined in stdc keeps throwing up.
|
5 gadi atpakaļ |
dettanym
|
6e1febba9c
Added in ECDHE key generation code - does not work with 2 implementations on JS side
|
5 gadi atpakaļ |
dettanym
|
cb9e34027d
Added in new interface to send post-LA msgs so we don't need to know the size of msgs beforehand for native read/write sys calls
|
5 gadi atpakaļ |
dettanym
|
95ebb52e20
Modified ecalls and interface for post-LA AES encryption and decryption functions. Seems to work
|
6 gadi atpakaļ |
dettanym
|
0ee2a787ef
Works with verifier + Apache!
|
6 gadi atpakaļ |
dettanym
|
4d36ab706b
Pre-verification changes - ecdsa verification function remains in decryptor.cpp but is not being called
|
6 gadi atpakaļ |
dettanym
|
3e7ec25c87
Got signature to be verified in encrypt_mitigator_header_value - had to change LA function signature to send public key from untrusted app
|
6 gadi atpakaļ |
dettanym
|
a293868311
Removed bug in ecdsa signature generation for message sent to Apache enclave
|
6 gadi atpakaļ |
dettanym
|
c13b0dc0b2
Removed repeated code
|
6 gadi atpakaļ |
dettanym
|
84ac2070dd
Works with sample verifier mrenclave being encrypted and written to Apache. Verification of signature not done yet.
|
6 gadi atpakaļ |
dettanym
|
db9db9cc96
Post LA encryption works
|
6 gadi atpakaļ |
dettanym
|
e1f77b314f
EDL files - private ecalls are not inter-enclave function calls. For inter-enclave function calls, entries are removed from the edl files. Added in code for verify_peer_enclave_trust to save the mrenclave of the 1st LA and to compare mrsigner to a global one the second time LA is called. Cleaned up unused functions.
|
6 gadi atpakaļ |
dettanym
|
5aea4929f0
Removed unused functions in main decryptor code
|
6 gadi atpakaļ |
dettanym
|
5268bf9954
Sealed signing keypair 1
|
6 gadi atpakaļ |
dettanym
|
5c090407ec
Added in files for modular LA in app. (Forgot to add them in last commit)
|
6 gadi atpakaļ |
dettanym
|
74ba6f2f7f
Refactored LA code that is outside the enclave
|
6 gadi atpakaļ |
dettanym
|
5196f3802a
Changed the order of the private and the public key in the serialization and deserialization functions, so that a public key can be serialized for ECDSA signing
|
6 gadi atpakaļ |
dettanym
|
514af6f3b3
Can now generate keypair, seal both parts to a file and unseal them, if the file already exists.
|
6 gadi atpakaļ |
dettanym
|
06df39a8fd
Generated and sealed private key to disk.
|
6 gadi atpakaļ |
dettanym
|
53aa094042
Previous commit had a buggy sgx_seal_data implementation - wrong parameters - and no error checking. Fixed that.
|
6 gadi atpakaļ |
dettanym
|
62087a9143
Can seal a fixed msg of the same buffer length. can generate keypair. cannot seal keypair yet.
|
6 gadi atpakaļ |
dettanym
|
8410c52adb
Works with sgx_calc_sealed_data working properly. Had to make it return the uint32_t rather than pass it as a pointer, for some reason.
|
6 gadi atpakaļ |
dettanym
|
442b3d1019
Can generate ecdsa keypair now (not seal to disk).
|
6 gadi atpakaļ |
dettanym
|
62fddb71db
Runs sgx_seal_data with null arguments in the session_request - rightly returns an error. Modified veify_peer_enclave_trust in decryptor.cpp to not run sgx_create_rsa_key_pair
|
6 gadi atpakaļ |
dettanym
|
812ae31801
Initial working local attestation commit with the sdk library - version 2.1
|
6 gadi atpakaļ |